New vulnerabilities found in RSA 1024 and 2048 bit keys.
Estimated cost of cracking based on access to the Public key only:
1024 bit: $40
2048 bit: $20.000
Time to move away from primes and onto elliptical curves?
https://crocs.fi.muni.cz/public/papers/rsa_ccs17
https://crocs.fi.muni.cz/public/papers/rsa_ccs17
Does using fixed DHCP (always assigning the same IP address to the same Mac address) not (temporarily) solve the problem?
Serge GODEC MAC addresses can be spoofed. Besides, the RSA weakness isn’t just about networking.
Seeing all the vulnerable peripherals, it’s actually scary ; let’s hope it’s all patched up quickly.
RSA keeps on losing to DH. At least with DH one blends the keys from both sides together and even when talking to losing devices one still has the strength of the local key to protect oneself. This is the same property that gives you PFS (perfect forward security). Disclosure of the remote key buys one little. This problem with RSA has surfaced before when IOT devices chose the same RSA key pairs due to a poor random number generator. Now we have a different bug causing a small and predictable set of RSA keys to be chosen. Time to move away from RSA.